DoD's secret sauce for securing mobile

Nov. 11, 2013 - 06:00AM
|

A key feature of the Pentagon’s new mobile device management (MDM) system will ensure users can securely access email, calendar and Web browsing features on Apple and Android devices.

The company behind that feature is mobile security firm Fixmo. The company’s secure container technology and compliance monitoring software are part of the Defense Department’s larger MDM and mobile application store contract it awarded in June. The $16 million contract was awarded to DMI, a systems integrator charged with designing a solution to support at least 100,000 devices early on, with the potential to scale up.

Rather than securing each mobile app separately, Fixmo provides a secure container or workspace where all DoD apps can be stored on mobile devices, chief marketing officer Tyler Lessard said. Fixmo’s technology can enforce the use of complex passcodes and allow users to digitally sign encrypted emails and log into back-end systems using their Common Access Cards, Lessard said.

Another security feature allows DoD to detect any changes to installed apps, device configurations and whether underlying operating system files have been tampered with, either unknowingly or maliciously, Lessard said. These changes can trigger an automatic lockdown of the device or a remote wipe of data on the device.

Some of the core technology developed by Fixmo evolved from its participation in the National Security Agency’s technology transfer program, Lessard said. Some of the intellectual property was originally developed by the NSA for use within DoD, specifically to enforce the security of BlackBerrys. Since then, DoD has moved to expand its variety of mobile devices.

“We felt very early on that we needed to be able to introduce commercial mobile devices, effectively smartphones, into DoD while ensuring that we were managing the security risks,” DoD Chief Information Officer Teri Takai said.

“Each service was doing it ... in its own way,” Takai was quoted as saying in a recent American Forces News article. The challenge for DoD “was that we weren’t going to get uniform security, we weren’t potentially going to get smartphones that talked to each other, and in fact, we weren’t putting together the necessary infrastructure to be able to do it.”

DoD smartphones around the world will be programmed and controlled in the same way, Takai said.

The MDM system is in the test phase, and it expected to reach initial operating capabilities in January.